Dear all,
DHIS2 version 40.2.1 is out as a HOTFIX release to address critical performance and security issues in v40.
- DHIS2-16398: Reduce runtime for expensive subquery in /api/events endpoint
- DHIS2-16402: Initiating transaction for cache hits for system settings leads to performance degradation
- Updates the Struts library to address the recently announced security vulnerability CVE-2023-50164.
This is the latest stable release for version 40, and supersedes patch 40.2.0.
These hotfixes are provided to make it easy for you to keep your system secure and reliable; provided you keep up to date with the latest patch versions.
The release note for this patch can be found here: Patch 40.2.1 Release Note.
Thanks!
DHIS2 Release Team
P.S. These issues have also been addressed for the future v40.3.0 patch release.
| Release Information | Links |
|---|---|
| Release Note | Patch 40.2.1 Release Note |
| Upgrade notes | 40 Upgrade notes |
| Download release and sample database | Downloads - DHIS2 |
| Documentation | Home - DHIS2 Documentation |
| Source code on Github | tag/2.40.2.1 |
| Demo instance | DHIS 2 Demo - Sierra Leone |
| Docker | docker pull dhis2/core:40.2.1for more docker image variants see dockerhub |